Midnight Blizzard suspected as the attackers
Uses a vulnerability that was patched in March
Attacks stole 2FA codes, too
Flaw is under active attack, according to Google security researcher
Customers urged to ensure email security gateway appliances are up-to-date, halt the use of compromised and refresh all credentials
Problem has been rumbling on for months
No information of 'what, if any', data was affected
The impact of the attack is widespread across Germany
Tens of millions of pounds saved by NCF actions, according to spy chief
Emails between people who previously worked for other departments are flagged as spam